VYPR

WP-PostRatings

by WordPress

Source repositories

CVEs (5)

  • CVE-2024-39659MedAug 1, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Stored XSS.This issue affects WP-PostRatings: from n/a through 1.91.1.

  • CVE-2023-40332MedJun 4, 2024
    risk 0.34cvss 5.3epss 0.00

    Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91.

  • CVE-2021-25117MedJan 16, 2024
    risk 0.31cvss 4.8epss 0.00

    The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though the page is only accessible to administrators, and protected against CSRF…

  • CVE-2022-36422MedSep 9, 2022
    risk 0.28cvss 4.3epss 0.00

    Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin <= 1.89 at WordPress.

  • CVE-2011-10006LowApr 8, 2024
    risk 0.16cvss 3.5epss 0.00

    A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version…